You are here

JC3 Medium Impact Assessment Bulletins

February 28, 2013
V-101: McAfee VirusScan Enterprise Lets Local Users Gain Elevated Privileges

A vulnerability was reported in McAfee VirusScan Enterprise.

February 26, 2013
V-099: Honeywell Multiple Products ActiveX Control Remote Code Execution Vulnerability

A vulnerability has been reported in multiple Honeywell products.

February 25, 2013
V-098: Linux Kernel Extended Verification Module Bug Lets Local Users Deny Service

A vulnerability was reported in the Linux Kernel.

February 19, 2013
V-094: IBM Multiple Products Multiple Vulnerabilities

A weakness and multiple vulnerabilities have been reported in multiple IBM products.

February 18, 2013
V-093: Symantec PGP Desktop Buffer Overflows Let Local Users Gain Elevated Privileges

Two vulnerabilities were reported in Symantec PGP Desktop.

February 12, 2013
V-089: Apache CXF SOAP URIMappingInterceptor and Plaintext UsernameTokens Security Issues

Two security issues have been reported in Apache CXF

February 6, 2013
V-085: Cisco Unity Express Input Validation Hole Permits Cross-Site Request Forgery Attacks

A vulnerability was reported in Cisco Unity Express.

February 5, 2013
V-084: RSA Archer eGRC Permits Cross-Site Scripting, Cross-Domain Access, Clickjacking, and File Upload Attacks

Several vulnerabilities were reported in RSA Archer eGRC.

January 29, 2013
V-079: ISC BIND AAAA Record Lookup Handling Assertion Failure Vulnerability

ISC has learned of the potential for an error condition to occur in BIND 9

January 28, 2013
V-078: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks

WordPress 3.5.1 Maintenance and Security Release